<?php
  include __DIR__."/config/cors.php";
  include __DIR__."/database.php";

  $uid = @$_POST['uid'];
  $password = @$_POST['password'];
  $passwordtoo = @$_POST['passwordtoo'];

  if(!isset($uid) or !isset($password) or !isset($passwordtoo)){
    echo json_encode([
        "code" => 202,
        "msg"=> "缺少必要参数"
      ]);
      exit;
  }

  if($password != $passwordtoo){
    echo json_encode([
        "code" => 201,
        "msg"=> "两次输入密码不一致"
      ]);
      exit;
  }

    $db = new DB();
    $sql = "update user set password = '$password' where id = '$uid'";
    if ($db->insert($sql)) {
        echo json_encode([
            "code" => 200,
            "msg"=>"密码重置成功"
        ]);
    } else {
        echo json_encode([
            "code" => 204,
            "msg"=> "密码重置失败: " . $data
        ]);
    }
?>